CVE-2008-3534

Priority

Medium

Description

The shmem_delete_inode function in mm/shmem.c in the tmpfs implementationin the Linux kernel before 2.6.26.1 allows local users to cause a denial ofservice (system crash) via a certain sequence of file create, remove, andoverwrite operations, as demonstrated by the insserv program, related toallocation of "useless pages" and improper maintenance of the i_blockscount.

Ubuntu-Description

It was discovered that the tmpfs implementation did not correctly handlecertain sequences of inode operations. A local attacker could exploitthis to crash the system, leading to a denial of service.